The real-time transport protocol

This paper describes the Real-time Transport Protocol (RTP) with the emphasis on the securities, confidentiality and authenticity. This system takes a media file as input, encrypt it and create a message digest on the encrypted data then transmit it to the user. On the other side the receiver again calculate digest and compare it with the received one, if match occurs then decrypt and play it in the real time player. In current specification of RFC1889, only the confidentiality is described and authenticity is left for lower layer protocols. This work made experiment both on authenticity and confidentiality. For authenticity MD5, SHA-1 and SHA-2 hash algorithms can be used and for confidentiality AES-128 and Triple DES cryptographic algorithms can be used. In fact, SHA-2 is better than other hash algorithms in terms of security but SHA-1 is better than SHA-2 in terms of time efficiency. On the other hand, AES-128 is better than Triple DES in terms of time efficiency and security. So SHA-1and AES-128 is chosen for authenticity and confidentiality respectively for the security of RTP. The experiment is performed on J2SDK1.5.

In recent days Computer and Internet has become essential part of human life and people demanding more and more access and use data over the Internet in Real-time with efficient secure manner. A new protocol Real-time Transport Protocol (RTP) and its associated

Protocols helping people to use data over the Internet in their real-time applications. In this paper, the analyses of
the securities of RTP, an approach to modify RTP for authenticity are presented. Also the position of RTP in Computer Network Layers, its usage scenario and the importance of time consideration to transmit streams using RTP are discussed and shown their analytical results. RTP is intended to be malleable to provide the information required by a particular application and will often be integrated into the application processing rather than being implemented as a separate layer. RTP is a modular protocol. The usage of RTP for a specific purpose requires an application area specific RTP profile. RTP profiles are used for refining the basic RTP protocol to suit for a particular application area. RTP profiles define how and by which formats data is encapsulated to RTP packets. RFC 1889 defines basic fields for the transportation of real time data. It also defines Real-time Transport Control Protocol (RTCP), whose purpose is to provide feedback on transmission quality, information about participants of RTP session, and enable minimal session control services. RTP is an application level protocol that is intended for delivery of delay sensitive content, such as audio and video, through different networks. The purpose of RTP is to facilitate delivery, monitoring, reconstruction, mixing and synchronization of data streams. RTP provides end-to-end network transport functions suitable for applications transmitting real-time data. RTP is a protocol framework that is deliberately not complete. RTP dose not provide quality of service means that it has no flow control, no error control, no acknowledgement and no mechanism to request retransmission. It does not do so because if a missing packet is retransmitted then it might happen that the retransmitted packet reach to the user too late to use which may hamper real-time use of streams. If some packets are lost during transmission (it is very common for Real-time protocols) then the lost packets are generated by interpolation rather than retransmission. However to improve performance of RTP another protocol; Real-time Transport Control Protocol is used with RTP. It handles feedback on delay, jitter, bandwidth, congestion, and other network properties. RTCP also handles inter stream synchronization. The problem is that different streams may use different clocks, with different granularities and different drift rates. RTCP can be used to keep them in synchronization. RTCP is also supports the use of RTP level translators and mixers.

The paper is organized as follows. In section 2, RTP use scenarios are discussed. In section 3, position of RTP in computer network is discussed. In section 4, time consideration in RTP is discussed. In section 5, RTP packet format, its data transfer protocol and Real-time Transport control Protocol (RTCP) is discussed. Section 6 details the hash and cryptographic algorithms for RTP security while section 7 shows the result and performance analysis. Lastly, section 8 points out the conclusion inferred from the work.

2. RTP use scenarios:

The following sections describe some aspects of the use of RTP. The examples are chosen to illustrate the basic operation of applications using RTP. In these examples, RTP is carried on top of IP and UDP and follows the conventions established by the profile for audio and video specified in the companion Internet-Draft draft-ietf-avt-profile.

2.1 Simple multicast audio conference:

A working group of the IETF meets to discuss the latest protocol draft, using the IP multicast services of the Internet for voice communications. Through some allocation mechanism the working group chair obtains a multicast group address and pair of ports. One port is used for audio data, and the other is used for control (RTCP) packets. This address and port information is distributed to the intended participants. If privacy is desired, the data and control packets may be encrypted, in which case an encryption key must also be generated and distributed. The exact details of these allocation and distribution mechanisms are beyond the scope of RTP. The audio conferencing application used by each conference participant sends audio data in small chunks of, say, 20 ms duration. Each chunk of audio data is preceded by an RTP header; RTP header and data jointly form a UDP packet. The RTP header indicates what type of audio encoding (such as PCM, ADPCM or LPC) is contained in each packet so that senders can change the encoding during a conference, for example, to accommodate a new participant that is connected through a low-bandwidth link or react to indications of network congestion. The Internet, like other packet networks, occasionally loses and reorders packets and delays them by variable amounts of time. To cope with these impairments, the RTP header contains timing information and a sequence number that allow the receivers to reconstruct the timing produced by the source, so that in this example, chunks of audio are contiguously played out the speaker every 20 ms. This timing reconstruction is performed separately for each source of RTP packets in the conference. The sequence number can also be used by the receiver to estimate how many packets are being lost. Since members of the working group join and leave during the conference, it is useful to know who is participating at any moment and how well they are receiving the audio data. For that purpose, each instances of the audio application in the conference periodically multicasts a reception report plus the name of its user on the RTCP (control) port. The reception report indicates how well the current speaker is being received and may be used to control adaptive encoding. In addition to the user name, other identifying information may also be included subject to control bandwidth limits. A site sends the RTCP BYE packet when it leaves the conference.

2.2 Audio and Video Conference:

If both audio and video media are used in a conference, they are transmitted as separate RTP sessions RTCP packets are transmitted for each medium using two different UDP port pairs and/or multicast addresses. There is no direct coupling at the RTP level between the audio and video sessions, except that a user participating in both sessions should use the same distinguished (canonical) name in the RTCP packets for both so that the sessions can be associated. One motivation for this separation is to allow some participants in the conference to receive only one medium if they choose. Despite the separation, synchronized playback of a source’s audio and video can be achieved using timing information carried in RTCP packets for both sessions

2.3 Mixers and translators:

So far, it is assumed that all sites want to receive media data in the same format. However, this may not always be appropriate. Consider the case where participants in one area are connected through a low-speed link to the majority of the conference participants who enjoy high-speed network access. Instead of forcing everyone to use a lower-bandwidth, reduced-quality audio encoding, an RTP-level relay called a mixer may be placed near the low-bandwidth area. This mixer resynchronizes incoming audio packets to reconstruct the constant 20 ms spacing generated by the sender, mixes these reconstructed audio streams into a single stream, translates the audio encoding to a lower-bandwidth one and forwards the lower-bandwidth packet stream across the low-speed link. These packets might be unicast to a single recipient or multicast on a different address to multiple recipients. The RTP header includes a means for mixers to identify the sources that contributed to a mixed packet so that correct talker indication can be provided at the receivers. Some of the intended participants in the audio conference may be connected with high bandwidth links but might not be directly reachable via IP multicast. For example, they might be behind an application-level firewall that will not let any IP packets pass. For these sites, mixing may not be necessary; in which case another type of RTP-level relay called a translator may be used. Two translators are installed, one on either side of the firewall, with the outside one funneling all multicast packets received through a secure connection to the translator inside the firewall. The translator inside the firewall sends them again as multicast packets to a multicast group restricted to the site’s internal network. Mixers and translators may be designed for a variety of purposes. An example is a video mixer that scales the images of individual people in separate video streams and composites them into one video stream to simulate a group scene. Other examples of translation include the connection of a group of hosts speaking only IP/UDP to a group of hosts that understand only ST-II, or the packet-by-packet encoding translation of video streams from individual sources without resynchronization or mixing.

3. Position of RTP in computer network:

As a consequence it is decided to put RTP in user space but should run over User Datagram Protocol (UDP, it is connectionless transport protocol). RTP operates as follows. The multimedia (streams) application consists of multiple audio, video, text and possibly other streams. These are fed into the RTP library, which is in user space along with the application. This library then multiplexes the streams and encodes those RTP packers, which it then stuffs into a socket. At the other end of socket (in the operating system kernel), UDP packets are generated and embedded in IP packets. If computer is on an Ethernet, the IP packets are then put in Ethernet frames for transmission. The protocol stack for this situation is shown in Figure 1.

Since RTP runs in user space not in OS kernel and in the Ethernet it packed by UDP, then IP and then Ethernet, so it is difficult which layer RTP is in. But it is linked to application program and it is generic, application independent protocol that just provides transport facilities, so it is a transport protocol that is implemented in the application layer. The packet nesting is shown in Figure 2.

The main goal of RTP is to make the transmitting streams real-time applicable. On the other hand if security is provided to the transmitting streams, then some extra time is needed to encrypt the streams or to make signature such as making digest from entire movie or audio files. So in concern of time, security is added with some overheads to the RTP. The goal of this paper is to choose algorithms and procedures that make RTP reliable in term of time and security.

4. Time consideration in RTP:

Let a video or audio file over the Internet in real-time is intended to access, then here the most important parameter is bandwidth of the Network. And the next important parameters are minimum clip size and its duration as well as processors speed of both server and client. At first let it be assumed that files are accessing without security consideration. Then let review the following mathematical calculations for audio or video clip to access in real-time.

If the time to upload or download a clip is more than the time to play a clip, the player will wait and the receiver will see a break, i.e. max (tUpload, tDownload) >cSec. For the continuous playing of clips, the following condition must be true:

According to the equation, the waiting time between clips at the receiver does not depend on clip size. The only variable that matters for a continuous playback is the size of a one-second file and that the provided upload and download rates meet the above condition. Lag time between playing and capturing is:

cSec + tupload + tdownload

From the above equation, the maximum lag with no break in the feed is 3*cSec and the minimum lag is cSec. To get the clip as close to real time as possible, cSec should be reduced. Next, apply the above analysis to the following cases:

4.1 Both sender and receiver have a low bandwidth modem connection:

Let’s assume the uRate = dRate = 20K bits/sec. In this case, the one-second file size should be less than 20Kbits. If the clip size is 10 seconds, the maximum playback lag will be 30 seconds. It is observed that the minimum file size for transmitting a one-second video (with no audio) is 8Kbits using H263 encoding and 128?96 pixels video size. It is also observed a minimum file size with the video and an 8-bit mono audio with an 8000Hz-sampling rate to be 80Kbits.

4.2 Either the sender or the receiver has a low bandwidth connection:

Let’s assume that the lower rate is 20Kbits/sec and the other rate is much higher. In this case the one-second file size should be less than 20Kbits, but the maximum playback lag is about 20 seconds if the clip size is 10 seconds.

4.3 Both sender and receiver have high bandwidth:

It is noted here that the one-second-clip size may vary from the format to format of the file, that is, how the file is encoded. For example the one-second-clip size of MP3 is less than in WAV file. But the important point here is that when cryptographic algorithms are applied in the clip then an extra time is added to the processing of clip with each side. So if applied strong encryption algorithms to the clip then extra more time is needed to both sides and upload or download time will be affected and time lag between them will also be changed. So real time access of data is also affected. Therefore, providing security in RTP the considered parameters are bandwidth of the network, file format of clips, upload and download of the clip, processor and memory speed and applying cryptographic and hash algorithms.

5. RTP packet format and data transfer protocol:

RTP packet formats and its Data Transfer Protocol is as follows:

5.1 RTP fixed header files:

Whenever data are transferred with RTP, it always add a fixed header with the payload. The RTP header has the following format shown in figure 4:

The first twelve octets are present in every RTP packet, while the list of CSRC identifiers is present only when inserted by a mixer. Version (V) is 2 bits wide. This field identifies the version of RTP. The version defined by this specification is two (2). Padding (P) is 1 bit wide. If the padding bit is set, the packet contains one or more additional padding octets at the end which are not part of the payload. The last octet of the padding contains a count of how many padding octets should be ignored. Padding may be needed by some encryption algorithms with fixed block sizes or for carrying several RTP packets in a lower-layer protocol data unit. Extension (X) is 1 bit wide. If the extension bit is set, the fixed header is followed by exactly one header extension. CSRC Count (CC) is 4 bits wide. The CSRC count contains the number of CSRC identifiers that follow the fixed header. Marker (M) is 1 bit wide. The interpretation of the marker is defined by a profile. It is intended to allow significant events such as frame boundaries to be marked in the packet stream. A profile may define additional marker bits or specify that there is no marker bit by changing the number of bits in the payload type field. Payload type (PT) is 7 bits wide. This field identifies the format of the RTP payload and determines its interpretation by the application. A profile specifies a default static mapping of payload type codes to payload formats. Additional payload type codes may be defined dynamically through non-RTP means. An initial set of default mappings for audio and video is specified in the companion profile Internet-Draft draft-ietf-avt-profile, and may be extended in future editions of the Assigned Numbers RFC [9]. An RTP sender emits a single RTP payload type at any given time; this field is not intended for multiplexing separate media streams. Sequence number is 16 bits wide. The sequence number increments by one for each RTP data packet sent, and may be used by the receiver to detect packet loss and to restore packet sequence. The initial value of the sequence number is random (unpredictable) to make known-plaintext attacks on encryption more difficult, even if the source itself does not encrypt, because the packets may flow through a translator that does. Time stamp is 32 bits wide. The timestamp reflects the sampling instant of the first octet in the RTP data packet. The sampling instant must be derived from a clock that increments monotonically and linearly in time to allow synchronization and jitter calculations. The resolution of the clock must be sufficient for the desired synchronization accuracy and for measuring packet arrival jitter (one tick per video frame is typically not sufficient). The clock frequency is dependent on the format of data carried as payload and is specified statically in the profile or payload format specification that defines the format, or may be specified dynamically for payload formats defined through non-RTP means. If RTP packets are generated periodically, the nominal sampling instant as determined from the sampling clock is to be used, not a reading of the system clock. As an example, for fixed-rate audio the timestamp clock would likely increment by one for each sampling period. If an audio application reads the blocks covering 160 sampling periods from the input device, the timestamp would be increased by 160 for each such block, regardless of whether the block is transmitted in a packet or dropped as silent. The initial value of the timestamp is random, as for the sequence number. Several consecutive RTP packets may have equal timestamps if they are (logically) generated at once, e.g., belong to the same video frame. Consecutive RTP packets may contain timestamps that are not monotonic if the data is not transmitted in the order it was sampled, as in the case of MPEG interpolated video frames. SSRC is 32 bits wide. The SSRC field identifies the synchronization source. This identifier is chosen randomly, with the intent that no two synchronization sources within the same RTP session will have the same SSRC identifier although the probability of multiple sources choosing the same identifier is low, all RTP implementations must be prepared to detect and resolve collisions. If a source changes its source transport address, it must also choose a new SSRC identifier to avoid being interpreted as a looped source. The CSRC list contains 0 to15 items, 32 bits each. The CSRC list identifies the contributing sources for the payload contained in this packet. The number of identifiers is given by the CC field. If there are more than 15 contributing sources, only 15 may be identified. CSRC identifiers are inserted by mixers, using the SSRC identifiers of contributing sources. For example, for audio packets the SSRC identifiers of all sources that were mixed together to create a packet is listed, allowing correct talker indication at the receiver.

5.2 Multiplexing RTP sessions:

For efficient protocol processing, the number of multiplexing points should be minimized. In RTP, multiplexing is provided by the destination transport address (network address and port number), which defines an RTP session. For example, in a teleconference composed of audio and video media encoded separately, each medium should be carried in a separate RTP session with its own destination transport address. It is not intended that the audio and video be carried in a single RTP session and demultiplexed based on the payload type or SSRC fields. Interleaving packets with different payload types but using the same SSRC would introduce several problems:

If one payload type were switched during a session, there would be no general means to identify which of the old values the new one replaced.
An SSRC is defined to identify a single timing and sequence number space. Interleaving multiple payload types would require different timing spaces if the media clock rates differ and would require different sequence number spaces to tell which payload type suffered packet loss.
The RTCP sender and receiver reports can only describe one timing and sequence number space per SSRC and do not carry a payload type field.
An RTP mixer would not be able to combine interleaved streams of compatible media into one stream.
Carrying multiple media in one RTP session precludes: the use of different network paths or network resource allocations if appropriate; reception of a subset of the media if desired, for example just audio if video would exceed the available bandwidth; and receiver implementations that use separate processes for the different media, whereas using separate RTP sessions permits either single- or multiple-process implementations.

Using a different SSRC for each medium but sending them in the same RTP session would avoid the first three problems but not the last two.

5.3 Profile-Specific modifications to the RTP header:

The existing RTP data packet header is believed to be complete for the set of functions required in common across all the application classes that RTP might support. However, in keeping with the ALF design principle, the header may be tailored through modifications or additions defined in a profile specification while still allowing profile-independent monitoring and recording tools to function. The marker bit and payload type field carry profile-specific information, but they are allocated in the fixed header since many applications are expected to need them and might otherwise have to add another 32-bit word just to hold them. The octet containing these fields may be redefined by a profile to suit different requirements, for example with a more or fewer marker bits. If there are any marker bits, one should be located in the most significant bit of the octet since profile-independent monitors may be able to observe a correlation between packet loss patterns and the marker bit. Additional information that is required for a particular payload format, such as a video encoding, should be carried in the payload section of the packet. This might be in a header that is always present at the start of the payload section, or might be indicated by a reserved value in the data pattern. If a particular class of applications needs additional functionality independent of payload format, the profile under which those applications operate should define additional fixed fields to follow immediately after the SSRC field of the existing fixed header. Those applications will be able to quickly and directly access the additional fields while profile-independent monitors or recorders can still process the RTP packets by interpreting only the first twelve octets. If it turns out that additional functionality is needed in common across all profiles, then a new version of RTP should be defined to make a permanent change to the fixed header.

5.4 RTP header extension:

An extension mechanism is provided to allow individual implementation to experiment with new payload-format-independent functions that require additional information to be carried in the RTP data packet header. This mechanism is designed so that the header extension may be ignored by other interoperating implementations that have not been extended. Note that this header extension is intended only for limited use. Most potential uses of this mechanism would be done better another way, using the methods described in the previous section. For example, a profile-specific extension to the fixed header is less expensive to process because it is not conditional nor in a variable location. Additional information is required for a particular payload format should not use this header extension but should be carried in the payload section of the packet. If the X bit in the RTP header is one, a variable-length header extension is appended to the RTP header, following the CSRC list if present. The RTP header extension is shown in figure 5:

The header extension contains a 16-bit length field that counts the number of 32-bit words in the extension, excluding the four-octet extension header (therefore zero is a valid length). Only a single extension may be appended to the RTP data header. To allow multiple interoperating implementations to each experiment independently with different header extensions, or to allow a particular implementation to experiment with more than one type of header extension, the first 16 bits of the header extension are left open for distinguishing identifiers or parameters. The format of these 16 bits is to be defined by the profile specification under which the implementations are operating. This RTP specification does not define any header extensions itself.

5.5 Real-time Transport Control Protocol (RTCP):

RTCP is a coordination protocol of RTP. It provides some tasks to increase the performance of RTP. The RTP control protocol (RTCP) is based on the periodic transmission of control packets to all participants in the session, using the same distribution mechanism as the data packets. The underlying protocol must provide multiplexing of the data and control packets, for example using separate port numbers with UDP. RTCP performs four functions:

The primary function is to provide feedback on the quality of the data distribution. This is an integral part of the RTP’s role as a transport protocol and is related to the flow and congestion control functions of other transport protocols. The feedback may be directly useful for control of adaptive encodings, but experiments with IP multicasting have shown that it is also critical to get feedback from the receivers to diagnose faults in the distribution. Sending reception feedback reports to all participants allows one who is observing problems to evaluate whether those problems are local or global. With a distribution mechanism like IP multicast, it is also possible for an entity such as a network service provider who is not otherwise involved in the session to receive the feedback information and act as a third-party monitor to diagnose network problems. This feedback function is performed by the RTCP sender and receiver reports.
RTCP carries a persistent transport-level identifier for an RTP source called the canonical name or CNAME. Since the SSRC identifier may change if a conflict is discovered or a program is restarted, receivers require the CNAME to keep track of each participant. Receivers also require the CNAME to associate multiple data streams from a given participant in a set of related RTP sessions, for example to synchronize audio and video.
The first two functions require that all participants send RTCP packets; therefore the rate must be controlled in order for RTP to scale up to a large number of participants. By having each participant send its control packets to all the others, each can independently observe the number of participants. This number is used to calculate the rate at which the packets are sent.
A fourth, optional function is to convey minimal session control information, for example participant identification to be displayed in the user interface. This is most likely to be useful in “loosely controlled” sessions where participants enter and leave without membership control or parameter negotiation. RTCP serves as a convenient channel to reach all the participants, but it is not necessarily expected to support all the control communication requirements of an application. A higher-level session control protocol, which is beyond the scope of this document, may be needed.

Functions (i)-(iii) are mandatory when RTP is used in the IP multicast environment, and are recommended for all environments. RTP application designers are advised to avoid mechanisms that can only work in unicast mode and will not scale to larger numbers.

5.6 RTCP transmission interval:

RTP is designed to allow an application to scale automatically over session sizes ranging from a few participants to thousands. For example, in an audio conference the data traffic is inherently self-limiting because only one or two people will speak at a time, so with multicast distribution the data rate on any given link remains relatively constant independent of the number of participants. However, the control traffic is not self-limiting. If the reception reports from each participant were sent at a constant rate, the control traffic would grow linearly with the number of participants. Therefore, the rate must be scaled down. For each session, it is assumed that the data traffic is subject to an aggregate limit called the “session bandwidth” to be divided among the participants. This bandwidth might be reserved and the limit enforced by the network, or it might just be a reasonable share. The session bandwidth may be chosen based or some cost or a priori knowledge of the available network bandwidth for the session. It is somewhat independent of the media encoding, but the encoding choice may be limited by the session bandwidth. The session bandwidth parameter is expected to be supplied by a session management application when it invokes a media application, but media applications may also set a default based on the single-sender data bandwidth for the encoding selected for the session. The application may also enforce bandwidth limits based on multicast scope rules or other criteria. Bandwidth calculations for control and data traffic include lower- layer transport and network protocols (e.g., UDP and IP) since that are what the resource reservation system would need to know. The application can also be expected to know which of these protocols are in use. Link level headers are not included in the calculation since the packet will be encapsulated with different link level headers as it travels. The control traffic should be limited to a small and known fraction of the session bandwidth: small so that the primary function of the transport protocol to carry data is not impaired; known so that the control traffic can be included in the bandwidth specification given to a resource reservation protocol, and so that each participant can independently calculate its share. It is suggested that the fraction of the session bandwidth allocated to RTCP be fixed at 5%. While the value of this and other constants in the interval calculation is not critical, all participants in the session must use the same values so the same interval will be calculated. Therefore, these constants should be fixed for a particular profile. An algorithm is used to meet the goals outlined above. It calculates the interval between sending compound RTCP packets to divide the allowed control traffic bandwidth among the participants. This allows an application to provide fast response for small sessions where, for example, identification of all participants is important, yet automatically adapt to large sessions.

5.7 Confidentiality:

Confidentiality means that only the intended receiver(s) can decode the received packets; for others, the packet contains no useful information. Confidentiality of the content is achieved by encryption. When encryption of RTP or RTCP is desired, all the octets that will be encapsulated for transmission in a single lower-layer packet are encrypted as a unit. For RTCP, a 32-bit random number is prep ended to the unit before encryption to deter known plaintext attacks. For RTP, no prefix is required because the sequence number and timestamp fields are initialized with random offsets. For RTCP, it is allowed to split a compound RTCP packet into two lower-layer packets, one to be encrypted and one to be sent in the clear. For example, SDES information might be encrypted while reception reports were sent in the clear to accommodate third-party monitors that are not privy to the encryption key. In this example, depicted in Figure 6, the SDES information must be appended to an RR packet with no reports (and the encrypted) to satisfy the requirement that all compound RTCP packets begin with an SR or RR packet. The presence of encryption and the use of the correct key are confirmed by the receiver through header or payload validity checks. The initialization vector is zero because random values are supplied in the RTP header or by the random prefix for compound RTCP packets. Implementations that support encryption should always support the DES algorithm in CBC mode as the default to maximize interoperability.

This method is chosen because it has been demonstrated to be easy and practical to use in experimental audio and video tools in operation on the Internet. Other encryption algorithms may be specified dynamically for a session by non-RTP means. As an alternative to encryption at the RTP level as described above, profiles may define additional payload types for encrypted encodings. Those encodings must specify how padding and other aspects of the encryption should be handled. This method allows encrypting only the data while leaving the headers in the clear for applications where that is desired. It may be particularly useful for hardware devices that will handle both decryption and decoding.

6. Authentication Algorithm:

To provide authenticity, digital signature is sent to receiver by the sender. This can be accomplished by sending digest of transferring packets using known private key of sender and receiver. The used hash algorithm is described below:

The Secure Hash Algorithm (SHA) was developed by the NIST and published as a federal information processing standard (FIPS 180) in 1993. SHA-1 (FIPS 180-1) was the revised version of FIPS 180 in 1995. It takes 64 bit block of input and produces 160 bit of output.

SHA-1 Logic:

This algorithm takes as input a message with a maximum length of less than 2and produces as output a 160-bit message digest. To produce a digest, the overall processing consists of the following steps:

Step 1: Append padding bits:

The input is processed in 512 bit blocks. The message is padded so that its length in bits is congruent to 448 modulo 512 that is, the length of the padded message is 64 bit less than an integer multiple of 512 bits. Padding is always added, even if the message is already of the desired length. The padding consists of a single 1-bit followed by the necessary number of 0-bits.

Step 2: Append length:

A 64-bit representation of the length in bit of the original message (before the padding) is appended to the result of step 1. The message digest generation using SHA-1 is given in figure 7.

Step 3: Initialize MD buffer:

A 160-bit buffer is used to hold intermediate and final results of the hash function. The buffer c an be represented as five 32-bit registers (A, B, C, D, E). These registers are initialized to the following 32-bit integers (hexadecimal values) with big-endian format are shown below –

This step consists of four rounds of processing of similar structure but with 20 steps each using a different primitive logical function referred to as f1, f2, f3 and f4. The processing of a single 512 bit block of SHA-1 is given in figure 8 (SHA-1 compression function).

Here, each round takes as input the current 512-bit blocks being processes(Y) and the 160-bit buffer value ABCDE and updates the contents of the buffer. Each round also makes use of an additive constant K, where 0

The output of the last round last step is added to the input to the first round (CVq) to produce (CVq+1). The addition is done independently for each of the five words in the buffer with each of the corresponding words in CVq using addition modulo 2.

6.2 Cryptographic Algorithm (AES-128):

AES is able to give equal to or better performance than 3DES which is enough secured. But 3 DES having some drawbacks, now AES is chosen for reasons of both efficiency and security. The Rijndael proposal for AES defined a cipher in which the block length and the key length can be independently specified to be 128, 192 or 256 bits. Among these various size for design simplicity, speed and code compactness on a wide range of platforms and measuring resistance against all known attacks, 128-bit key is most commonly implemented.

In Figure 9, the overall structure of AES is shown. The input to the encryption and decryption algorithm is a single 128-bit block. This block is depicted as a square matrix of bytes. This block is copied into the State array, which is modified at each stage of encryption or decryption. After the final stage, State is copied into an output matrix. Similarly, the 128-bit key is depicted as a square matrix of bytes. This key is then expanded into an array of the key schedule words; each word is 4 bytes and the total key schedule is 44 words for the 128-bit key. Here, there are total 10 rounds of similar operation are performed on the block where every round of operation is done in different four stages- one of permutation and three of substitution.

These four stages are described briefly as follows-

Substitute bytes: It Uses an S-box to perform a byte-by-byte substitution of block. There are two type of substitute byte transformation- forward and reverse. The forward substitute byte transformation, called Sub Bytes, is a simple table lookup. AES defines a 16?16 matrix of byte values, called an S-box. The inverse substitute byte transformation, called the inverse S-box is used to decrypt. Here, this S-box is designed to be resistant to known cryptanalytic attacks.
Shift Row: The forward shift row transformation, called Shift Rows. The first row is not altered. For the second row, a 1-byte circular left shift is performed. For the third row, a 2-byte circular left shift is performed. For the third row, a 3-byte circular left is performed. An example is depicted as follows-

The inverse shift row transformation, called InvShiftRows, performs the circular shifts in the opposite direction for each of the last three rows, with a one-byte circular right shift for the second row and so on.

Mix Column: It is a substitution technique that makes use of arithmetic over GF(2^8). The forward mix column transformation, called MixColumns, operates on each column individually. Each byte of a column is mapped into a new value that is a function of all four bytes in the column. It can be done by matrix multiplication. Each element in the product matrix is the sum of products of elements of one row and one column. In this case, the individual additions and multiplications are performed in GF (2^8).again the inverse mi column transformation, called InvMixColumns can be done by matrix multiplication. The AES document describes another way of characterizing the Mix Columns transformation, which is in terms of polynomial arithmetic. In the standard, MixColumns is defined by considering the column of State to be a four term polynomial with coefficients in GF(2^8)..
Add Round Key: In the forward add round key transformation, called AddRoundKey, the 128-bit of State are bitwise XORed with the 128-bits of the round key. This operation is a column wise operation between the 4 bytes of a State column and one word of the round key; which can be said as a byte wise operation. The inverse add round key transformation is identical to the forward add round key transformation, because the XOR operation is its own reverse.
8. Conclusion:

RTP is widely used protocol in accessing real-time data over the internet. But it alone is not sufficient to provide quality of service. Some protocols like SIP, SDP, H.323 and SRTP are used as higher level protocols to provide security in RTP. RTP is a profile specific protocol; its design criteria may vary form application to application. From the analysis we have found that, our proposed model will work very efficiently for audio or video conferencing. One can use this model for his real-time application.